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Amendments to the Specification; 

Please replace paragraph [0058] with the following 
rewritten paragraph: 

[0058] Turning now to FIG. 12, a flow diagram that 
illustrates a method for applying credential evaluation 
policies in accordance with one embodiment of the present 
invention is presented. Figure 12 provides more detail for 
reference numeral 1110 of FIG. 11. As discussed above, the 
unique identifying information of a credential may be stored 
separately from the rest of the credential data. Thus, at 12 00 
a determination is made regarding whether credential data is 
included in the credential. If credential data is not included 
in the credential, the credential data is obtained at 1205. If 
credential data is included in the credential, a determination 
is made at 1210 regarding whether all embedded credentials that 
are needed are included in the credential. If not all such 
credentials are included, the needed credentials are obtained 
at 1215. If all needed credentials are included, a 
determination is made at 122 0 regarding whether any data in the 
credential must be unsealed. The credential data to be 
unsealed may include nested credential data. If data must be 
unsealed, it is unsealed at 1225. If no data needs to be 
unsealed, at 1230 a determination is made regarding whether the 
credential data is valid. If the data is invalid, the process 
ends with a failure indication at 1240 1245 . If the data is 
valid, the process ends successfully at 1240. 

Please replace paragraph [0071] with the following 
rewritten paragraph: 

[0071] Turning now to FIG. 17, a block diagram that 
illustrates assigning multiple sets of user data for identities 
in accordance with one embodiment of the present invention is 
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presented. As shown in FIG. 17, the user data 1704- 1720 1721 is 
stored in secure user data storage 1702. Secure user data 
storage 1702 is controlled by a user (user-controlled) . The 
user data 1704- 1720 1721 may include encrypted data and/or 
authenticated data. Secure user data storage 1702 may comprise 
a portable device such as a cell phone, PDA or smart card or 
the like. Secure user data storage 1702 may also comprise a 
file on a Web server or other computer. 

Please replace paragraph [0087] with the following 
rewritten paragraph: 

[0087] Turning now to FIG. 24, a block diagram that 
illustrates assigning multiple credentials for identities in 
accordance with one embodiment of the present invention is 
presented. Figure 24 is similar to FIG. 17, except that 
service credentials 2404- 2 4 20 2421 are stored in the secure 
device 2402. In other words, the service credentials 2404- 
2 4 20 2421 of FIG. 24 are based upon and contain, directly or 
indirectly, the user data 1704-^^0 1721 of FIG. 17. 
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